Checklist: Implementing a DirectAccess Design for End-to-End Access

Updated: October 7, 2009

Applies To: Windows Server 2008 R2

Important

This topic describes deployment of DirectAccess in Windows Server 2008 R2. For deployment of DirectAccess in Microsoft Forefront Unified Access Gateway (UAG), see the Forefront UAG DirectAccess Deployment Guide (https://go.microsoft.com/fwlink/?LinkId=179989).

This checklist includes cross-reference links to important concepts about deploying DirectAccess in the end-to-end access model. It also contains links to procedures and other checklists that will help you complete the tasks that are required to implement this design.

Note

Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic, a procedure, or to another checklist, return to this topic so that you can proceed with the remaining tasks in this checklist.

Checklist: Implementing a DirectAccess design for end-to-end access

  Task Reference

Review important concepts and the example for the DirectAccess end-to-end access model.

End-to-End Access

End-to-end Access Example

Configure the required infrastructure for DirectAccess.

Checklist: Preparing Your Infrastructure for DirectAccess

Prepare the DirectAccess server computer for the DirectAccess Setup Wizard.

Checklist: Preparing Your DirectAccess Server

Install the DirectAccess feature on the DirectAccess server.

Install the DirectAccess Feature

Configure the DirectAccess server for the end-to-end access method with the DirectAccess Setup Wizard.

Configure the DirectAccess Setup Wizard for End-to-End Access

Customize the connection security policies created by the DirectAccess Setup Wizard for end-to-end access.

Configure Connection Security Rules for End-to-end Access

Configure the Corporate Website Probe URL Group Policy setting.

Design Your Intranet for Corporate Connectivity Detection

Configure Corporate Connectivity Detection Settings

If needed by your design plan, configure force tunneling.

Configure Force Tunneling for DirectAccess Clients

If needed by your design plan, configure a connection or routing to the Internet Protocol version 6 (IPv6) Internet.

Connect to the IPv6 Internet

If needed by your design plan, configure client authentication and certificate mapping for Internet Protocol over Secure Hypertext Transfer Protocol (IP-HTTPS) connections.

Configure Client Authentication and Certificate Mapping for IP-HTTPS Connections

If needed by your design plan, configure connection security rules to protect traffic sent between DirectAccess clients.

Configure Connection Security Rules for Traffic Between DirectAccess Clients